On Tue, Mar 16, 2021 at 09:42:46PM +0100, Mickaël Salaün wrote: > From: Mickaël Salaün <mic@xxxxxxxxxxxxxxxxxxx> > > The sb_delete security hook is called when shutting down a superblock, > which may be useful to release kernel objects tied to the superblock's > lifetime (e.g. inodes). > > This new hook is needed by Landlock to release (ephemerally) tagged > struct inodes. This comes from the unprivileged nature of Landlock > described in the next commit. > > Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx> > Cc: James Morris <jmorris@xxxxxxxxx> > Cc: Kees Cook <keescook@xxxxxxxxxxxx> > Signed-off-by: Mickaël Salaün <mic@xxxxxxxxxxxxxxxxxxx> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook
